Concept to develop a software to revoke APT signing keys in case these are compromised.
UNFINISHED (barely started)
Materials - pieces of information and links that should be included in the draft.
reread this whole thread https://lists.nongnu.org/archive/html/sks-devel/2013-12/threads.html#00073
find and reread this discussion
>> Good question. Probably, but some keyserver operators might view >> it as rude. Best to ask on address@hidden
> Will do.
aptrevoker.debian.org so this can be turned off / redirected in case keyservers cannot handle the load
The code for downloading the revocation certificates should be configurable.
Download the signing key revocation certificates from:
- version 1 - download from clearnet keyservers
- version 2 - optionally download from onion keyservers
- version 3 - optionally download from freenet / or something that implements a permanent takedown attack defense
- Take any of the above bullet points one by one and convert those into a good wording that can be posted on the debian-devel mailing list.